Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
9584b3a8 by Salvatore Bonaccorso at 2020-02-18T06:52:39+01:00
Track several CVEs fixed for crhomium via unstable
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -5885,113 +5885,111 @@ CVE-2020-6419
CVE-2020-6418
RESERVED
CVE-2020-6417 (Inappropriate implementation in installer in Google Chrome
prior to 80 ...)
- - chromium <unfixed>
+ - chromium 80.0.3987.106-1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6416 (Insufficient data validation in streams in Google Chrome prior
to 80.0 ...)
- - chromium <unfixed>
+ - chromium 80.0.3987.106-1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6415 (Inappropriate implementation in JavaScript in Google Chrome
prior to 8 ...)
- - chromium <unfixed>
+ - chromium 80.0.3987.106-1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6414 (Insufficient policy enforcement in Safe Browsing in Google
Chrome prio ...)
- - chromium <unfixed>
+ - chromium 80.0.3987.106-1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6413 (Inappropriate implementation in Blink in Google Chrome prior to
80.0.3 ...)
- - chromium <unfixed>
+ - chromium 80.0.3987.106-1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6412 (Insufficient validation of untrusted input in Omnibox in Google
Chrome ...)
- - chromium <unfixed>
- [stretch] - chromium <end-of-life> (see DSA 4562)
- - chromium <unfixed>
+ - chromium 80.0.3987.106-1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6411 (Insufficient validation of untrusted input in Omnibox in Google
Chrome ...)
- - chromium <unfixed>
+ - chromium 80.0.3987.106-1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6410 (Insufficient policy enforcement in navigation in Google Chrome
prior t ...)
- - chromium <unfixed>
+ - chromium 80.0.3987.106-1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6409 (Inappropriate implementation in Omnibox in Google Chrome prior
to 80.0 ...)
- - chromium <unfixed>
+ - chromium 80.0.3987.106-1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6408 (Insufficient policy enforcement in CORS in Google Chrome prior
to 80.0 ...)
- - chromium <unfixed>
+ - chromium 80.0.3987.106-1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6407
RESERVED
CVE-2020-6406 (Use after free in audio in Google Chrome prior to 80.0.3987.87
allowed ...)
- - chromium <unfixed>
+ - chromium 80.0.3987.106-1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6405 (Out of bounds read in SQLite in Google Chrome prior to
80.0.3987.87 al ...)
- - chromium <unfixed>
+ - chromium 80.0.3987.106-1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6404 (Inappropriate implementation in Blink in Google Chrome prior to
80.0.3 ...)
- - chromium <unfixed>
+ - chromium 80.0.3987.106-1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6403 (Incorrect implementation in Omnibox in Google Chrome on iOS
prior to 8 ...)
- - chromium <unfixed>
+ - chromium 80.0.3987.106-1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6402 (Insufficient policy enforcement in downloads in Google Chrome
on OS X ...)
- - chromium <unfixed>
+ - chromium 80.0.3987.106-1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6401 (Insufficient validation of untrusted input in Omnibox in Google
Chrome ...)
- - chromium <unfixed>
+ - chromium 80.0.3987.106-1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6400 (Inappropriate implementation in CORS in Google Chrome prior to
80.0.39 ...)
- - chromium <unfixed>
+ - chromium 80.0.3987.106-1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6399 (Insufficient policy enforcement in AppCache in Google Chrome
prior to ...)
- - chromium <unfixed>
+ - chromium 80.0.3987.106-1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6398 (Use of uninitialized data in PDFium in Google Chrome prior to
80.0.398 ...)
- - chromium <unfixed>
+ - chromium 80.0.3987.106-1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6397 (Inappropriate implementation in sharing in Google Chrome prior
to 80.0 ...)
- - chromium <unfixed>
+ - chromium 80.0.3987.106-1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6396 (Inappropriate implementation in Skia in Google Chrome prior to
80.0.39 ...)
- - chromium <unfixed>
+ - chromium 80.0.3987.106-1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6395 (Out of bounds read in JavaScript in Google Chrome prior to
80.0.3987.8 ...)
- - chromium <unfixed>
+ - chromium 80.0.3987.106-1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6394 (Insufficient policy enforcement in Blink in Google Chrome prior
to 80. ...)
- - chromium <unfixed>
+ - chromium 80.0.3987.106-1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6393 (Insufficient policy enforcement in Blink in Google Chrome prior
to 80. ...)
- - chromium <unfixed>
+ - chromium 80.0.3987.106-1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6392 (Insufficient policy enforcement in extensions in Google Chrome
prior t ...)
- - chromium <unfixed>
+ - chromium 80.0.3987.106-1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6391 (Insufficient validation of untrusted input in Blink in Google
Chrome p ...)
- - chromium <unfixed>
+ - chromium 80.0.3987.106-1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6390 (Out of bounds memory access in streams in Google Chrome prior
to 80.0. ...)
- - chromium <unfixed>
+ - chromium 80.0.3987.106-1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6389 (Out of bounds write in WebRTC in Google Chrome prior to
80.0.3987.87 a ...)
- - chromium <unfixed>
+ - chromium 80.0.3987.106-1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6388 (Out of bounds access in WebAudio in Google Chrome prior to
80.0.3987.8 ...)
- - chromium <unfixed>
+ - chromium 80.0.3987.106-1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6387 (Out of bounds write in WebRTC in Google Chrome prior to
80.0.3987.87 a ...)
- - chromium <unfixed>
+ - chromium 80.0.3987.106-1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6386
RESERVED
CVE-2020-6385 (Insufficient policy enforcement in storage in Google Chrome
prior to 8 ...)
- - chromium <unfixed>
+ - chromium 80.0.3987.106-1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6384
RESERVED
CVE-2020-6383
RESERVED
CVE-2020-6382 (Type confusion in JavaScript in Google Chrome prior to
80.0.3987.87 al ...)
- - chromium <unfixed>
+ - chromium 80.0.3987.106-1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6381 (Integer overflow in JavaScript in Google Chrome on ChromeOS and
Androi ...)
- - chromium <unfixed>
+ - chromium 80.0.3987.106-1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6380 (Insufficient policy enforcement in extensions in Google Chrome
prior t ...)
{DSA-4606-1}
@@ -12091,13 +12089,15 @@ CVE-2019-19927 (In the Linux kernel 5.0.0-rc7 (as
distributed in ubuntu/linux.gi
CVE-2019-19926 (multiSelect in select.c in SQLite 3.30.1 mishandles certain
errors dur ...)
- sqlite3 <not-affected> (Incomplete fix for CVE-2019-19880 not applied)
NOTE:
https://github.com/sqlite/sqlite/commit/8428b3b437569338a9d1e10c4cd8154acbe33089
- - chromium <unfixed>
+ - chromium 80.0.3987.106-1
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2019-19925 (zipfileUpdate in ext/misc/zipfile.c in SQLite 3.30.1
mishandles a NULL ...)
- sqlite3 3.30.1+fossil191229-1
[buster] - sqlite3 <no-dsa> (Minor issue)
[stretch] - sqlite3 <not-affected> (Vulnerable code introduced later)
[jessie] - sqlite3 <not-affected> (Vulnerable code introduced later)
+ - chromium 80.0.3987.106-1
+ [stretch] - chromium <end-of-life> (see DSA 4562)
NOTE:
https://github.com/sqlite/sqlite/commit/54d501092d88c0cf89bec4279951f548fb0b8618
CVE-2019-19924 (SQLite 3.30.1 mishandles certain parser-tree rewriting,
related to exp ...)
- sqlite3 3.30.1+fossil191229-1
@@ -12110,7 +12110,7 @@ CVE-2019-19923 (flattenSubquery in select.c in SQLite
3.30.1 mishandles certain
[buster] - sqlite3 <no-dsa> (Minor issue)
[stretch] - sqlite3 <not-affected> (Vulnerable code introduced later)
[jessie] - sqlite3 <not-affected> (Vulnerable code introduced later)
- - chromium <unfixed>
+ - chromium 80.0.3987.106-1
[stretch] - chromium <end-of-life> (see DSA 4562)
NOTE:
https://github.com/sqlite/sqlite/commit/396afe6f6aa90a31303c183e11b2b2d4b7956b35
CVE-2019-19922 (kernel/sched/fair.c in the Linux kernel before 5.3.9, when
cpu.cfs_quo ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/9584b3a89df4dcd20eae43f8e06abd3cdf70396f
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/9584b3a89df4dcd20eae43f8e06abd3cdf70396f
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
